You may try to type following: typedef struct _mystruc { int var1 :4; int var2 :4; } mystruc; I never declared this way by myself. Just saw such declaration in some headers representing structures of bit fields. Not sure how it will be handled by gcc used in devkitPro. Probably you need to set packed attribute to this structure. But you must to know, that structure boundaryby sorg - Coding
QuoteSo if you do an IOS_Reload on a title with a normal tmd not correct. If you reload IOS then TMD from that IOS will be used for flags setting. Even if title has AHBPROT flag, it won't help to sustain AHBPROT when you reload IOS. Generally speaking, Wii subsystem is not designed to reload IOS while title is running. Libogc just tricks system when you want to reload IOS. Clearing flagsby sorg - Coding
Can anybody tell me which register controls mapping of other HW registers from Wii mode D8xxxxx to Gamecube mode Cxxxxxx? Couldn't find this info in WiiBrew's Wiki.by sorg - Coding
Probably Arikado didn't know much about AHBPROT at that time.by sorg - Coding
QuoteSifJarSo was Arikado wrong? (see the post I linked above) His post was about how to disable automatic IOS loading on application startup. Old (seams very very old) libogc loads IOS36 at startup which disables AHBPROT.by sorg - Coding
I know you are very smart tueidj, but there is no help from you at all. You don't need to spend time for such useless comments. P.S.: already discovered how to reload IOS without loosing AHBPROT. N again did it by wrong way :)by sorg - Coding
hmm.. not so crazy :) it works well!by sorg - Coding
SifJar, i will check but it's highly unlikely it uses IOS realod. It simply unneeded for its tastk. WiiPower, thanks for the info. Unfortunately, i know 002 trick and how to trick games to use only one IOS for all. So, i'm using it already. Seams there is no known way to reload IOS for Channels. There is one crazy method coming to my mind: setup small hidden channel-helper withby sorg - Coding
tueidj, good answer. It's a really masterpiece to answer without answering ;)by sorg - Coding
that's what i'm using on steps 1 and 2. On step 3 you will loose ahbprot and ability to patch IOS in memory.by sorg - Coding
Without ES_Identify channel won't be identified with its correct TitleID and thus won't work because won't be able to access its data and content folders. The main idea is: 1) uning AHBPROT access channel's content 2) load its executable 3) load correct IOS (AHBPROT will be lost at this stage!) 4) patch executable 5) execute ES_Identify with channel's TitleID 6)by sorg - Coding
Thanks for reply. I know how to patch - it's not a problem. Problem comes when i want to launch channel with its correct IOS, but cannot use standard ES_LaunchTitle because i want to pre-patch binary before start (Ocarina cheat engine). The funny thing is that you can use ES_DiVerify indirectly when you open partition of DVD game, but there is no similar way to execute ES_DiVerify directby sorg - Coding
In older IOS you could provide valid ticket/tmd/cert to identify in system as specific title. In new IOS (for example 53,55,58) ES_Identify gives error -1017. So, is there a way to identify in system as title besides loading it as channel? I know i can patch IOS, but i want to do this without patching. Is there a way to identify in system by providing valid ticket/tmd?by sorg - Coding
i believe it's because of C/C++ are very old languages, designed when 32bits considered as biggest possible size for forseen future ;)) I wonder, how 128bits will be written later... "long long long"? :)by sorg - Coding
LL is a suffix for "long long" aka signed 64 bit integer. ULL is for unsigned 64 bit integer. without these suffixes, compiler will complain that number is greater than 32 bits.by sorg - Coding
Using USB Gecko with WiiRD will help you to test exploits before you start to dig into checksumms. You may put a break point into desired address and then inject code through debugger. If it will work, then you may proceed to reverse-engineering of checksumms and generate loadable savegame :)by sorg - Coding
I think, you should come to it from another side. Instead of creating your own code to access NAND, you may patch IOS you are running in memory to remove NAND access restriction. After that you will be able to read/write any file you want using standard ISFS IOS calls.by sorg - Coding
well, launching app from HBC won't produce this bug. I have this bug when i launch from my loader. You may tell "Ahh.. that's because your loader!", but it's not quite correct. I suspect, it related to how loader organize its data before launch the app. I remember, there is a space for copy of GX registers defined by gcc linker. Probably, if two consecutive apps are using thby sorg - Coding
Looks like there is some kind of "bug" in libogc. If application didn't call VIDEO_Init() then it will crash upon exit. libogc uses video functions while shutting down which produces crash.by sorg - Coding
Initialized or not, it's static and resides inside executable address space instead of heap or stack area. I don't think it's normal and good style. That's why i'm thinking that some similar "tricks" can cause hang using IOS_ReloadIOS from MEM2by sorg - Coding
by the way, under SNEEK, IOS_ReloadIOS is working from MEM2 binary.by sorg - Coding
ekeeke, you can check thread in libwiikeyboard (keyboard.c). tueidj, i did one experiment: filled MEM2 with some value, executed IOS_ReloadIOS() and dumped MEM2. Nothing has been changed these besides around 256 bytes at the end of MEM2 space, just before IOS protected area. So, nothing has been trashed.by sorg - Coding
I made some experiments - problem caused only if code is in MEM2. Both, stack and heap can be in MEM2 without problem as long as code is in MEM1. My app's binary starts from 0x92800000 and occupies around 400kb. Stack and heap occupies space 0x90002000 - 0x92800000. This is loader for homebrew, channels and DVD. The reason why MEM2 has been choosen, is because no any applications (from Ninby sorg - Coding
or "Internal Storage" Internal Storage File Systemby sorg - Coding
Just found this problem. If binary compiled to MEM2 address (>0x90000000) then IOS_ReloadIOS hangs. After further investigation, it sticks in ios.c at this place: while ((read32(0x80003140) >> 16) == 0) { udelay(1000); } Can anybody tell me how to fix it?by sorg - Coding
it's not related to memory leak. It's how applications initialize video. try to add following code at the end of main: VIDEO_ClearFrameBuffer(vmode, xfb, COLOR_BLACK); VIDEO_SetNextFramebuffer(xfb); VIDEO_SetBlack(1); VIDEO_Flush(); VIDEO_WaitVSync();by sorg - Coding
both examples are using hacking(manual) method of loading. i.e. load manually apploader, then load sections, etc, etc.. I know this method long time already. This is not standard way of loading Disk. What i've asked is loading through ticketing system (ES) where you have to query tickets and then launch through ES_LaunchTitle. I'm guessing how it can be done, but i don't knowby sorg - Coding
Hi, Is there a way to launch Disk (Game on DVD) the same way how it's done in Disk Channel? Something like ES_LaunchTitle for other channels.by sorg - Coding